Desktop and Portable Computer Standard Security Checklist for End-Users

Computer identification and location: _____________________________________________

Completed by (please print): _______________________ Date: ______________

Signature: _________________________ Next scheduled review date: ______________

Managers signature: _________________________ Date: ______________

All computers that connect to the RIT network require the following: Ref. Initials 1. Anti-virus software (with malware signature, heuristic, anti-spyware, reputation awareness)

installed and enabled. (1)

2. A firewall, software or hardware, is installed and enabled. (2)

3. All operating system and application security patches are up to date. (3)

4. Users are aware that they should not leave their computer unattended without logging off or (4.1) locking the computer first.

5. Computer is set to automatically lock the screen when inactive for more than 15 minutes. (4.2)

6. Have you confirmed with your systems administrator that an ISO-approved Host Intrusion (5) Prevention System is installed and enabled on your machine?

7. Have you confirmed with your systems administrator that ISO-approved host-based vulnerabilitymanagement software is installed and enabled on your machine? (Requirement pending productselection.)

8. Have you confirmed with your systems administrator that ISO-approved private information managementsoftware is installed and enabled on your machine? (7, 7.4)

9. Scans are allowed to complete monthly and results are reported (by the software) to ISO. (7.1, 7.3)

10. No private information is stored on the computer. If the software reports any private information,it is immediately remediated. (7.2)

11. Do you access private information on this computer? (Y/N) ____________If No, skip to number 14.

12. Have you confirmed with your systems administrator that whole-disk encryption is installedand enabled, and that no user-configurable settings are interfering with the software? (8.1 8.2, 8.4)

13. The encryption software and its policies are being managed by centralized ISO-approved (8.3) security personnel.

14. Have you confirmed with your systems administrator that this computer can be audited from centralizedand ISO-approved configuration and software management tools, and that the audit is configured toinclude applications and patch inventory? (9)

15. Are administrator privileges being used on this computer? (Y/N) ____________ (10)

If Yes, who is the dean or VP that has authorized the privileges? ___________________________

RIT Information Security infosec@rit.edu https://www.rit.edu/security

Creative Commons Share Alike License DesktopChecklist-EndUser-2014.doc 1 of 1 Revised 1/20/15

NA